The duties of a notary are in a broad field of work. For example, personal data and special personal data are processed in the context of family law and inheritance law, real estate, companies and mediation.
In order to comply with GDPR legislation as a civil-law notary, it is necessary to perform an on-site inventory, to comply with the documentation requirement, to implement a clean desk policy and to comply with the standards imposed within ISO27001.
Questionnaires handled by telephone cannot provide evidence that organizational and technical measures have been taken to protect the fundamental rights and freedoms of natural persons and in particular their right to protection of personal data.
The role as DPO for Notaries
- Your contact point for external authorities. This is how the Privacy Committee can be contacted in the event of a possible data breach.
- The DPO ensures that the legislation is complied with; whether the data is adequately stored, whether the personnel are adequately trained, whether the necessary audits are conducted, etc.
- Advising on the GDPR. For example, advice can be given about the rights and obligations regarding data protection.
- Investigate whether a data protection impact assessment is needed.
- Determine when the notary is now responsible, processor or joint responsible and draw up the necessary processor agreements for this.
- Categorize retention periods for special personal data that contain information about race, religion, biometric data, health or criminal convictions.
- Make flowcharts for every business activity
The DPO and professional secrecy
- The DPO is legally obliged to remain silent
- A necessary figure of trust